Re: arbiter/escrow agent for hire
From: IN%"bryce@digicash.com" 24-APR-1996 10:05:20.14
> 1. Acceptable digital signature upon the "bet statement" from each bettor. (Note that PGP signatures from PGP key pairs which are not connected to me via the Web of Trust, or which are not verifiable by me via an out-of-band connection, are not acceptable digital signatures. This is because of the MITM attack problem, not because I need True Names to be connected to the signatures.)
IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
> 3. Amount of the bet from each bettor. This chunk of money will be known as the "ante". Note that depending upon the details of the "bet statement", each bettor may submit a different ante. (Yes, up front. Yes, I get antes from both bettors. Yes, I keep them while the bet is being settled. Why do you think my fee is so low?)
Chuckle.
-Allen
On Wed, 24 Apr 1996, E. ALLEN SMITH wrote:
> From: IN%"bryce@digicash.com" 24-APR-1996 10:05:20.14
> > 1. Acceptable digital signature upon the "bet statement" from each bettor. (Note that PGP signatures from PGP key pairs which are not connected to me via the Web of Trust, or which are not verifiable by me via an out-of-band connection, are not acceptable digital signatures. This is because of the MITM attack problem, not because I need True Names to be connected to the signatures.)
> IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
Please obtain a copy of my current key by finger.
---
My preferred and soon to be permanent e-mail address:unicorn@schloss.li
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96     -    Finger for Current Key Information
Opp. Counsel: For all your expert testimony needs: jimbell@pacifier.com
Black Unicorn <unicorn@schloss.li> wrote: (> "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU> wrote:)
> > IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
> Please obtain a copy of my current key by finger.
Oh please. My respect for Uni's acumen just decremented a couple of notches. A 2048-bit key, and no signatures? Rather like a front door with welded plate armor and an open window, no?
Let's talk more off-list...
Regards,
Bryce
On Sun, 28 Apr 1996 bryce@digicash.com wrote:
> Black Unicorn <unicorn@schloss.li> wrote: (> "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU> wrote:)
> > > IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
> > Please obtain a copy of my current key by finger.
> Oh please. My respect for Uni's acumen just decremented a couple of notches. A 2048-bit key, and no signatures? Rather like a front door with welded plate armor and an open window, no?
My key is hardly signatureless. Please obtain a current copy.
bryce@digicash.com wrote:
> Black Unicorn <unicorn@schloss.li> wrote: (> "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU> wrote:)
> > > IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
> > Please obtain a copy of my current key by finger.
> Oh please. My respect for Uni's acumen just decremented a couple of notches. A 2048-bit key, and no signatures? Rather like a front door with welded plate armor and an open window, no?
> Let's talk more off-list...
Hang on! This is interesting - keep it on-list!
What's the big deal about not having signed his own key?
The only thing that signing your own key does is show the [claimed] id of the real keyholder. There's no scope for abuse. Claiming this to be an armour door and open window is overreacting a bit.
Gary
--
pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com>
Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06
An entity calling itself Gary Howland <gary@systemics.com> is alleged to have written:
> bryce@digicash.com wrote:
> > Black Unicorn <unicorn@schloss.li> wrote: (> "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU> wrote:)
> > > > IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
> > > Please obtain a copy of my current key by finger.
> > Oh please. My respect for Uni's acumen just decremented a couple of notches. A 2048-bit key, and no signatures? Rather like a front door with welded plate armor and an open window, no?
> > Let's talk more off-list...
> Hang on! This is interesting - keep it on-list!
If we did, we'd have to kill you. 8-)
> What's the big deal about not having signed his own key?
> The only thing that signing your own key does is show the [claimed] id of the real keyholder. There's no scope for abuse. Claiming this to be an armour door and open window is overreacting a bit.
Okay this is on-list because I have propagated disinformation and I'm trying to propagate the correction: for some reason I, and apparently E. ALLEN SMITH, got a copy of Black Uni's key which was devoid of signatures of any kind. My complaint was that this made it utterly open to MITM attacks. I was mistaken about Uni's key's lack of signatures though, and I apologized for saying the above.
Actually, Black Uni's key via finger has two signatures (not counting his own): Sandy Sandfort (whose key has no signatures, as far as my copy of it goes), and loki@obscura.com (whose key has 22 signatures, only 3 of which are from keys that I can find copies of not counting loki's own).
more later,
Bryce
SANDY SANDFORT
C'punks,
On Mon, 29 Apr 1996 bryce@digicash.com wrote:
> Actually, Black Uni's key via finger has two signatures (not counting his own): Sandy Sandfort (whose key has no signatures, as far as my copy of it goes),
I had only one signature on my key. It was Phil Zimmermann's, but it's one he has since revoked.
S a n d y
Ya gotta get yourself connected, as the Stereo MC's said.
Unfortunately I can't see any way to gain trust in this pseudonym since I don't believe that the ostensible owner, name of "Black Unicorn", understands about how to establish a strong pseudonym in the Web O Trust.
I mean, I could explain it to him, but not even counting the difficulties of communicating such complex concepts among humans, there is the fact that if Mitch is here, he can prevent the real Uni from seeing the explanation, and he can act in Black Uni's place as if he understands. Then he can go through the necessary steps to increase our trust in his pubkey, as if Uni were going through them. There would be only one problem for Mitch: there would be some knowledge shared by the facade Uni and the rest of us that was not shared by the real Uni and the rest of us. Forever into the future whenever this knowledge came up in conversation Mitch would have to break automated-active-attack mode and go into acting mode to prevent us from realizing that we remembered history differently.
Wouldn't it be cool if we could somehow make much of our conversation depend on that shared memory in some non-automatible way? Then we could just recurse, making more and more of the conversation depend on previous conversation in a non-automatible way. Eventually all of our conversation would have to be acted by a human MITM instead of just falsely digitally authenticated by an automated MITM...
more later,
Bryce
P.S. EALLENSMITH could have been included in the encryption but I couldn't find a PGP key for him.
In list.cypherpunks, bryce@digicash.com writes:
> Unfortunately I can't see any way to gain trust in this pseudonym since I don't believe that the ostensible owner, name of "Black Unicorn", understands about how to establish a strong pseudonym in the Web O Trust.
    [12:09] 1 [c:\grab]:sendai# pgp -kvv unicorn@schloss.li
    Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
    (c) 1990-1994 Philip Zimmermann, Phil's Pretty Good Software. 11 Oct 94
    Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
    Distributed by the Massachusetts Institute of Technology.
    Export of this software may be restricted by the U.S. government.
    Current time: 1996/04/28 17:10 GMT
    Key ring: 'c:\glyph\pubring.pgp', looking for user ID "unicorn@schloss.li".
    Type bits/keyID    Date       User ID
    pub  2048/4E685D39 1995/03/26 Black Unicorn <unicorn@schloss.li>
    sig       5AC7B865             (Unknown signator, can't be checked)
    sig       DCB75233             Sandy Sandfort <SSANDFORT@ATTMAIL.COM>
    sig       4E685D39             Black Unicorn <unicorn@schloss.li>
    1 matching key found.
Looks like a good start to me.
--
Roy M. Silvernail [ ] roy@cybrspc.mn.org
PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6
Key available from pubkey@cybrspc.mn.org
On Sun, 28 Apr 1996 bryce@digicash.com wrote:
> Ya gotta get yourself connected, as the Stereo MC's said.
> Unfortunately I can't see any way to gain trust in this pseudonym since I don't believe that the ostensible owner, name of "Black Unicorn", understands about how to establish a strong pseudonym in the Web O Trust.
(Sigh). I'll say it yet a third time. Get a current copy of my key which is signed by at least three people on the web of trust.
> (Sigh). I'll say it yet a third time. Get a current copy of my key which is signed by at least three people on the web of trust.
As if this "web of trust" was actually worth something.
--
Sameer Parekh                               Voice:  510-601-9777x3
Community ConneXion, Inc.                   FAX:    510-601-9734
The Internet Privacy Provider               Dialin: 510-658-6376
http://www.c2.net/ (or login as "guest")    sameer@c2.net
sameer@c2.org wrote: (> Black Unicorn <unicorn@schloss.li> wrote:)
> > (Sigh). I'll say it yet a third time. Get a current copy of my key which is signed by at least three people on the web of trust.
> As if this "web of trust" was actually worth something.
It is most certainly worth something, as long as the participants exercise the necessary measures to detect and correct any active attacks on it. The primary reason that the Web O Trust is ineffective at this point is the prevalence of misunderstandings among users (including cypherpunks) about its usage and its efficacy.
As an example of these prevalent misunderstandings, I submit to you the fact that PGP keyservers do not use PGP, either for encryption or authentication. If you suggest it to them (or indeed, to most cypherpunks) they will respond that it would "do no good". Ridiculous.
It's a shame really, since if we _did_ have the wits to create a Web O Trust now, it would serve to prevent active attacks in the future. Hopefully the public key infrastructure people will come up with something that will replace the WoT and will be more understandable or acceptable to people.
In the meantime, I cannot have much confidence in the security of my private communications with Black Unicorn, which makes me hesitant to exchange money with him.
Unfortunate that cypherpunks are so ineffectual when it comes to "social engineering" (not in the "social cracking" sense).
Regards,
Bryce
On Mon, 29 Apr 1996 bryce@digicash.com wrote:
> In the meantime, I cannot have much confidence in the security of my private communications with Black Unicorn, which makes me hesitant to exchange money with him.
That's ok, I prefer cash.
The entity calling itself "Black Unicorn" <unicorn@schloss.li> probably wrote:
> On Mon, 29 Apr 1996 bryce@digicash.com wrote:
> > In the meantime, I cannot have much confidence in the security of my private communications with Black Unicorn, which makes me hesitant to exchange money with him.
> That's ok, I prefer cash.
It _was_ going to be cash! :-)
Bryce
P.S. For the record, I'm just talking about my offer to settle cypherpunk bets. This is all hypothetical. I'm not actually exchanging any money with Uni. I've never met him. Whatever he's doing, I'm not involved. You can't prove anything.
So are there any arbiters out there who would deal in non-digital cash? Or someone who would launder US$ to Ecash for a small fee?
I'd like to arbitrate a few minor disagreements with my 95% friend Declan. Clearly, neither private email nor restrained public flames have worked for three months. (I don't have TIME for this shit...)
-rich
http://www.c2.org/~rich/
E. Allen Smith <eallensmith@ocelot.rutgers.edu> wrote: (> Bryce wrote:)
> > 1. Acceptable digital signature upon the "bet statement" from each bettor. (Note that PGP signatures from PGP key pairs which are not connected to me via the Web of Trust, or which are not verifiable by me via an out-of-band connection, are not acceptable digital signatures. This is because of the MITM attack problem, not because I need True Names to be connected to the signatures.)
> IIRC, currently Black Unicorn doesn't have any signatures on his public key of others. Therefore, this requirement, while understandable, could cause a bit of a difficulty in the current situation.
Hm. This is a toughie. For one it would help if Black Unicorn had a "pseudonym keysignature" from someone who had a Web O Trust link to me. This would make me more certain that a hypothetical man in the middle between me and the rest of you wasn't able to impersonate Black Unicorn.
Of course, such a MITM could still impersonate Black Unicorn by being between Uni and the rest of us. It would help if Uni made a habit of publishing his true public key via various difficult-to-intercept channels, but of course we can't _know_ whether Uni is doing that or not in any case.
Yeah, it's hard to gain trust in the absence of a Mitch (a.k.a. MITM) between Uni and us. It is feasible, for my purposes, though. We could tie Uni's ostensible pubkey to the Web of Trust. We could assume that Uni is resourceful enough to publish his own pubkey via difficult-to-intercept channels, to check his own pubkey, and to broadcast a warning if any active attack is detected. Then as time passed we could gain trust in the lack of an active attack on that pubkey.
Currently neither the first (add key to WoT) nor the second (believe that Uni is actively trying to propagate/check his key) step is working...
Regards,
Bryce
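The acceptance rule argued over in this thread (a key counts only if a chain of key signatures connects it to the verifier) can be expressed as a path search over a `pgp -kvv`-style listing. This is an added example, not code from any poster: it models reachability only and verifies no signature cryptographically, and apart from the three key IDs in Roy's listing every ID, key size, date and the "Verifier"/"Introducer" keys are constructed placeholders.

```python
import re
from collections import deque

# Constructed keyring listing in the style of `pgp -kvv`. The first entry uses
# the key IDs quoted in the thread; all other IDs, sizes and dates are placeholders.
LISTING = """\
pub  2048/4E685D39 1995/03/26 Black Unicorn <unicorn@schloss.li>
sig       5AC7B865             (Unknown signator, can't be checked)
sig       DCB75233             Sandy Sandfort <SSANDFORT@ATTMAIL.COM>
sig       4E685D39             Black Unicorn <unicorn@schloss.li>
pub  1024/DCB75233 1996/01/01 Sandy Sandfort <SSANDFORT@ATTMAIL.COM>
pub  1024/AAAA0001 1996/01/01 Verifier (constructed)
pub  1024/BBBB0002 1996/01/01 Introducer (constructed)
sig       AAAA0001             Verifier (constructed)
"""

PUB = re.compile(r"^pub\s+\d+/([0-9A-F]{8})\s")
SIG = re.compile(r"^sig\s+([0-9A-F]{8})\s")


def parse_listing(text):
    """Map each public key ID on the ring to the set of key IDs that signed it."""
    ring, current = {}, None
    for line in text.splitlines():
        pub, sig = PUB.match(line), SIG.match(line)
        if pub:
            current = pub.group(1)
            ring.setdefault(current, set())
        elif sig and current and sig.group(1) != current:
            ring[current].add(sig.group(1))  # a self-signature links nothing
    return ring


def certification_path(ring, verifier, target, max_hops=3):
    """Shortest chain verifier -> ... -> target in which each key signed the next."""
    signed = {}  # signer ID -> key IDs it certified
    for key, signers in ring.items():
        for signer in signers:
            if signer in ring:  # a signer whose key is absent cannot be checked
                signed.setdefault(signer, set()).add(key)
    queue, seen = deque([[verifier]]), {verifier}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        if len(path) - 1 >= max_hops:
            continue
        for nxt in sorted(signed.get(path[-1], ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None


def demo():
    ring = parse_listing(LISTING)
    before = certification_path(ring, "AAAA0001", "4E685D39")
    # Hypothetical step: the introducer checks DCB75233 out of band and signs it.
    ring["DCB75233"].add("BBBB0002")
    after = certification_path(ring, "AAAA0001", "4E685D39")
    return before, after
```

Signatures on the target key do not help until one of the signers is itself reachable from the verifier, which is the gap Bryce describes for a signer whose own key carries no signatures.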
participants (8)
- Black Unicorn
- bryce@digicash.com
- E. ALLEN SMITH
- Gary Howland
- Rich Graves
- roy@sendai.cybrspc.mn.org
- sameer@c2.org
- Sandy Sandfort